From mboxrd@z Thu Jan 1 00:00:00 1970 From: George Mauer Subject: Re: Org export to HTML with encrypted information ?? Date: Fri, 29 Nov 2019 08:27:53 -0600 Message-ID: References: <87blsvszfe.fsf@mbork.pl> Reply-To: gmauer@gmail.com Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="000000000000c3934905987d09d4" Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:53238) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iahFl-0003RX-0W for emacs-orgmode@gnu.org; Fri, 29 Nov 2019 09:28:14 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iahFg-0001W4-Rk for emacs-orgmode@gnu.org; Fri, 29 Nov 2019 09:28:11 -0500 Received: from mail-oi1-x22b.google.com ([2607:f8b0:4864:20::22b]:38502) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1iahFg-0001Mh-LT for emacs-orgmode@gnu.org; Fri, 29 Nov 2019 09:28:08 -0500 Received: by mail-oi1-x22b.google.com with SMTP id a14so26224858oid.5 for ; Fri, 29 Nov 2019 06:28:07 -0800 (PST) In-Reply-To: <87blsvszfe.fsf@mbork.pl> List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org Sender: "Emacs-orgmode" To: emacs-orgmode@gnu.org --000000000000c3934905987d09d4 Content-Type: text/plain; charset="UTF-8" Basic "I'm not too worried about it" level of security: stick it on a webserver using .htaccess to demand a password. Make that password halfway decent. Better option: export to PDF by either exporting to HTML or latex and then using that system's PDF export. Keep both PDF and original in a folder on Google drive or Dropbox that is shared only with those who need access. (No password needed at all so you won't have someone compromising you with a crap password) Best option: same thing but store those files in a respected password manager like 1password or keepass. Train your family to use the password manager. Use it as a vault for all sorts of "just in case, they should know" info. In theory, you could even automate things to work on a deadman's switch. Have a system that pings you via email, SMS, or another communications mechanism weekly. If you don't respond within a few days, it automatically shares the aforementioned files using gdrive, Dropbox, 1password, etc (not email though - email is not secure) On Fri, Nov 29, 2019, 5:56 AM Marcin Borkowski wrote: > > On 2019-11-29, at 08:24, David Masterson wrote: > > > My use-case is this: > > > > I'd like to use Org to write up *all* the information about my family > > life (so to speak) including medical histories of my family, issues with > > the house, bank accounts, financial information, etc., so that my family > > has all the information to refer to when necessary in a (hopefully) > > well-structured form. Naturally, this is going to have a fair amount of > > really sensitive information. By carefully outlining the information, I > > can structure the sensitive information to be in key parts of the > > documents that I can then encrypt using org-crypt. > > > > That part is straightforward. The tricky part is that my family is not > > "Emacs literate" and, so, I'm thinking the best idea is to export the > > information from Org files to HTML files so that I can then present to > > them as a website. They are used to browsing the web, so this should be > > more natural to them. The problem that I'm looking for help with is how > > to deal with the encrypted information? Any suggestions? > > This is a very interesting and important question. I don't have any > advice, but I would very much like to hear what others have to say. > > While this does not answer your question (but is related): who is going > to have the password/passphrase? Have you considered using a secret > sharing scheme? > > Best, > > -- > Marcin Borkowski > http://mbork.pl > > --000000000000c3934905987d09d4 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

Basic "I'm not too worried about it" level of security= : stick it on a webserver using .htaccess to demand a password. Make that p= assword halfway decent.

= Better option: export to PDF by either exporting to HTML or latex and then = using that system's PDF export. Keep both PDF and original in a folder = on Google drive or Dropbox that is shared only with those who need access. = (No password needed at all so you won't have someone compromising you w= ith a crap password)

Bes= t option: same thing but store those files in a respected password manager = like 1password or keepass. Train your family to use the password manager. U= se it as a vault for all sorts of "just in case, they should know"= ; info.

In theory, you c= ould even automate things to work on a deadman's switch. Have a system = that pings you via email, SMS, or another communications mechanism weekly. = If you don't respond within a few days, it automatically shares the afo= rementioned files using gdrive, Dropbox, 1password, etc (not email though -= email is not secure)

On Fri, Nov 29, 2019, 5:56 AM Marcin Borkowski &= lt;m= bork@mbork.pl> wrote:

On 2019-11-29, at 08:24, David Masterson <dsmasterson@ou= tlook.com> wrote:

> My use-case is this:
>
> I'd like to use Org to write up *all* the information about my fam= ily
> life (so to speak) including medical histories of my family, issues wi= th
> the house, bank accounts, financial information, etc., so that my fami= ly
> has all the information to refer to when necessary in a (hopefully) > well-structured form.=C2=A0 Naturally, this is going to have a fair am= ount of
> really sensitive information.=C2=A0 By carefully outlining the informa= tion, I
> can structure the sensitive information to be in key parts of the
> documents that I can then encrypt using org-crypt.
>
> That part is straightforward.=C2=A0 The tricky part is that my family = is not
> "Emacs literate" and, so, I'm thinking the best idea is = to export the
> information from Org files to HTML files so that I can then present to=
> them as a website.=C2=A0 They are used to browsing the web, so this sh= ould be
> more natural to them.=C2=A0 The problem that I'm looking for help = with is how
> to deal with the encrypted information?=C2=A0 Any suggestions?

This is a very interesting and important question.=C2=A0 I don't have a= ny
advice, but I would very much like to hear what others have to say.

While this does not answer your question (but is related): who is going
to have the password/passphrase?=C2=A0 Have you considered using a secret sharing scheme?

Best,

--
Marcin Borkowski
http://mbork.pl

--000000000000c3934905987d09d4--